The GitGuardian API gives you full creative control to manage your dashboard data and also to use GitGuardian secrets detection engine, whether through gg-shield or in a custom way. All API calls need to be authenticated.
- Export your incidents to build custom reports.
- Manage your incidents programmatically.
- Plug GitGuardian easily into your existing services.
- Build your own integration for secrets detection.
- You want to use gg-shield to shift left.
Scopes are tied to an API key and control the access to resources and scan capability.
Dashboard data management scopes:
incidents:write: grant view and edit permissions on the incidents of your GitGuardian workspace.
incidents:read: grant view only permission on the incidents of your GitGuardian workspace.
Scan capability scope:
scan: grant permissions to scan any text content for secrets with GitGuardian secrets detection engine.
You can even test this capability directly in the API section of your dashboard:
- The GitGuardian API is versioned.
- All requests to the GitGuardian API must be authenticated.
- The GitGuardian API enforces rate limits on all requests.
- Only secret incidents are available through the API.